
<?php

/*
 * Key
 */
$key = '360technosoft';

/*
 * This is signin page for baby.
 */
include '../include/config.php';
$username = $_POST['uname'];
$password = $_POST['password'];


/*
 * 
 * Password Encryption Technique.
 */

function _encode($password, $key) {
    $majorsalt = null;

    // if you set your encryption key let's use it
    if ($key != '') {
        // conctenates the encryption key and the password
        $_password = $key . $password;
    } else {
        $_password = $password;
    }

    // if PHP5
    if (function_exists('str_split')) {
        $_pass = str_split($_password);
    }
    // if PHP4
    else {
        $_pass = array();
        if (is_string($_password)) {
            for ($i = 0; $i < strlen($_password); $i++) {
                array_push($_pass, $_password[$i]);
            }
        }
    }

    // encrypts every single letter of the password
    foreach ($_pass as $_hashpass) {
        $majorsalt .= md5($_hashpass);
    }

    // encrypts the string combinations of every single encrypted letter
    // and finally returns the encrypted password
    return $password = md5($majorsalt);
}

/*
 * find is values are empty or not.
 */
$location = 'http://'.$_SERVER['HTTP_HOST'].'/salusbaby';
if ($username == '' || $password == '') {
    //die ('fields are null');
    $error = 'fields are null';
    header('Location:'.$location);
}

$getid = mysql_query("select * from fa_user where  user_name ='" . $username . "' ") or die(mysql_error());
$a = mysql_num_rows($getid);
if ($a == 0) {
    //die('No such a user');
    $error = 'No Such a user.';
    //setcookie("err",$error);
    header('Location:'.$location.'?err='.$error);
   //include '../index';
}
while ($row = mysql_fetch_array($getid)) {
    $realpass = $row['password'];
    $uid = $row['id'];
}
$getme = mysql_query("select bid from baby_child_profile_detail where buyer_id= '" . $uid . "' ") or die(mysql_error());
$a1 = mysql_num_rows($getme);
if ($a1 == 0) {
    $error = 'You are not member of SalusBaby ';
    
}
while ($row1 = mysql_fetch_array($getme)) {
    $bid= $row1['bid'];
}
$pws = _encode($password, $key);

if ($pws == $realpass) {
    //echo 'Welcome--------' . $username.'---'.$bid;
    $location = 'http://'.$_SERVER['HTTP_HOST'].'/salusbaby/user/';
    setcookie("gid", $uid,  time()+3600,'',$location);    
    setcookie("bid",$bid,  time()+3600,'',$location);    
    echo '<br>'.$_COOKIE['bid'];
    //header('Location:'.$location);
} else {
    die( 'wrong pass....');
}
?>